<?php
require_once '../../includes/initialize.php';

if($session->is_logged_in()){
	redirect_to("index.php");
}

//Remember to give your form's submit tag a name 
if(isset($_POST['submit'])){
	$username = trim($_POST['username']);
	$password = trim($_POST['password']);
	
	//Check to see if the user is found
	$found_user = User::authenticate($username, $password);
	if($found_user){
		$session->log_in($found_user);
		redirect_to('index.php');
	}
	else{
		$message = "Username and password combination incorrect";
	}
}
else //form has not been submitted  
{
	$username = "";
	$password = "";
}
?>
<html>
	<head>
		<title>Photo Gallery</title>
		<link href="../stylesheets/main.css" media="all" rel="stylesheet" type="text/css"/>
	</head>
	<body>
		<div id="header">
			<h1>Photo Gallery</h1>
		</div>
		<div id="main">
			<h2>Staff Login</h2>
			<?php echo output_message($message);?>
		
		<form action="login.php" method = "POST">
		<table>
			<tr>
				<td>Username:</td>
				<td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username);?>"/></td>
			</tr>
			<tr>
				<td>Password:</td>
				<td><input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password);?>"/></td>
			</tr>
			<tr>
				<td colspan="2">
				<input type="submit" name="submit" value="login"/>
				</td>
			</tr>
			
		</table>
		</form>
		</div>
		
	</body>
</html>